SCCM Collection: Dynamically Identifying Users that have had their mailbox migrated to O365

One of the challenges I’ve recently had is identifying users that have had their mailbox migrated to Office365. This becomes quite a task if like me you’re using InTune integrated with SCCM but need separate mail profiles for mobile users. Now this isn’t an issue if you’re happy to manually maintain an AD group which can then be referenced by SCCM, however I want this to dynamically be updated and not rely on Humans.

John Bailey, has written an excellent article on some key AD attributes which can be used to identify whether the mailbox is on-prem or in O365. For my environment I can simply extend my Active Directory User Discovery to include the attribute ‘msExchRecipientDisplayType’ and then use a WQL query to identify the users that have been migrated.

Common values:

Value

Object Type

1

User Mailbox

2

Linked Mailbox

4

Shared Mailbox

2048

Dynamic Distribution Group

2147483648

Remote Mailbox (O365)

The query for where the mailbox has been migrated to Office365:

SELECT *
FROM
SMS_R_User
WHERE
SMS_R_User.msExchRecipientTypeDetails = 2147483648
Advertisements

Troubleshooting Enrollment of devices in InTune/SCCM MDM

If you’re having issues enrolling a mobile device into Intune/SCCM MDM follow the below steps to troubleshoot the issue.

  1. Check that the device is not already enrolled in another MDM i.e. BES/InTune/AirWatch
  2. If Android check that it is running at least Android 4.0
  3. Check the Date and Time are correct on the device
  4. Switch to 4G or a different WiFi network
  5. Uninstall and Reinstall the Company Portal application
  6. Check that there isn’t a Management Profile installed already, if there is remove it

We couldn’t enroll this device

  • Check that a license has been allocated to the user in O365

Profile failed to install

  1. Make sure that Safari is the default browser on the device, and that cookies are not disabled.
  2. Reboot the device
  3. Attempt to install the management profile manually from portal.manage.microsoft.com